CVE-2023-53015

MEDIUM · CVSS 3.1: 5.5 · EPSS 8.7%
Published Mar 27, 2025 · Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

HID: betop: check shape of output reports

betopff_init() only checks the total sum of the report counts for each report field to be at least 4, but hid_betopff_play() expects 4 report fields. A device advertising an output report with one field and 4 report counts would pass the check but crash the kernel with a NULL pointer dereference in hid_betopff_play().
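
The mismatch described above, modelled in userspace C as an added example (this is not the kernel's code or the upstream patch). The struct layout, function names and sample reports are simplified stand-ins assumed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified userspace stand-ins for HID report structures (assumed names). */
struct field  { unsigned report_count; };
struct report { unsigned maxfield; struct field *field[4]; };

/* Check as the description states it: only the summed report counts matter. */
static int check_sum_only(const struct report *r)
{
    unsigned total = 0;
    for (unsigned i = 0; i < r->maxfield; i++)
        total += r->field[i]->report_count;
    return total >= 4 ? 0 : -1;
}

/* Shape check: the consumer expects four fields, so require four fields
 * that each carry at least one value. */
static int check_shape(const struct report *r)
{
    if (r->maxfield < 4)
        return -1;
    for (unsigned i = 0; i < 4; i++)
        if (r->field[i] == NULL || r->field[i]->report_count < 1)
            return -1;
    return 0;
}

/* Constructed sample reports (not captured from a real device). */
static struct field f4 = { 4 }, f1 = { 1 };
static struct report one_field_four_counts = { 1, { &f4, NULL, NULL, NULL } };
static struct report four_fields_one_count = { 4, { &f1, &f1, &f1, &f1 } };

int main(void)
{
    /* 0 means the report is accepted, -1 means it is rejected. */
    printf("1 field x 4 counts: sum-only=%d shape=%d\n",
           check_sum_only(&one_field_four_counts),
           check_shape(&one_field_four_counts));
    printf("4 fields x 1 count: sum-only=%d shape=%d\n",
           check_sum_only(&four_fields_one_count),
           check_shape(&four_fields_one_count));
    return 0;
}
```

The one-field report is accepted by the sum-only check and rejected by the shape check, while the well-formed four-field report is accepted by both.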

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
8.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 10

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥4.0 – <4.14.305
linux   linux_kernel  *        ≥4.15 – <4.19.272
linux   linux_kernel  *        ≥4.20 – <5.4.231
linux   linux_kernel  *        ≥5.5 – <5.10.166
linux   linux_kernel  *        ≥5.11 – <5.15.91
linux   linux_kernel  *        ≥5.16 – <6.1.9
linux   linux_kernel  6.2      any
linux   linux_kernel  6.2      any
linux   linux_kernel  6.2      any
linux   linux_kernel  6.2      any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/07bc32e53c7bd5c91472cc485231ef6274db9b76
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1a2a47b85cab50a3c146731bfeaf2d860f5344ee
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/28fc6095da22dc88433d79578ae1c495ebe8ca43
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3782c0d6edf658b71354a64d60aa7a296188fc90
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7317326f685824c7c29bd80841fd18041af6bb73
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3065cc56221d1a5eda237e94eaf2a627b88ab79
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dbab4dba400d6ea9a9697fbbd287adbf7db1dac4
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/07bc32e53c7bd5c91472cc485231ef6274db9b76
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1a2a47b85cab50a3c146731bfeaf2d860f5344ee
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/28fc6095da22dc88433d79578ae1c495ebe8ca43
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3782c0d6edf658b71354a64d60aa7a296188fc90
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7317326f685824c7c29bd80841fd18041af6bb73
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3065cc56221d1a5eda237e94eaf2a627b88ab79
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dbab4dba400d6ea9a9697fbbd287adbf7db1dac4
    Patch